I simply want to know if this is normal, abnormal, deceptive, illegal, etc...
Question
I simply want to know if this is normal, abnormal, deceptive, illegal, etc...
I am at work. When I bring up a certificate for most domains, I get a very standard certificate. When I bring one up for Facebook or Twitter (social media sites), the certificate throws a warning. The warning is because they are untrusted. Looking at the certificate, the Issuer is the company that runs the local network in our building. It is not a standard issuer.
This is exactly how it is listed (replacing the company name with xxx.com):
Issuer: DC=com, DC=xxx, CN=XXXsubCA
Explanation / Answer
Some companies are very concerned about information leaking onto social media sites. Because of this, they will put in proxies that inspect the content of data sent to social media. When they do this, they issue their own certificate, and it behaves in the way that you describe.
Is it normal? Not for the average user, but increasingly normal in corporate environments.
Is it deceptive? Sort of, but you might have been notified of this kind of thing in a corporate policy.
Is it illegal? That really depends on your jurisdiction. But, as I said, it is becoming increasingly common, and in many jurisdictions is legal (with or without notification).
The other question you need to ask is, "what is my risk?" And here it is: Because they are interested in the content of what you post, it is likely that they store, inspect, and alert on that content. That means that everything you post goes to your company. All communication (to those sites) is no longer private to you and your intended audience, but is exposed to those who are authorized to view such information in your company.
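Added example, not part of the original question or answer: Python code that takes issuer strings copied from the certificate viewer for several sites and picks out the hosts whose certificate was issued by a private CA, as in the question. The host names, the public CA name and the rule "DC components without O= means a private CA" are assumptions made for the illustration.

```python
import re

def parse_dn(dn):
    """Parse 'DC=com, DC=xxx, CN=XXXsubCA' into [(ATTR, value), ...]."""
    pairs = []
    for part in re.split(r"(?<!\\),", dn):  # split on unescaped commas only
        attr, sep, value = part.strip().partition("=")
        if not sep or not attr:
            raise ValueError(f"not attribute=value: {part!r}")
        pairs.append((attr.strip().upper(), value.strip().replace("\\,", ",")))
    return pairs

def issuer_domain(pairs):
    """Join DC components into a DNS name; None if the DN has none."""
    dcs = [v.lower() for a, v in pairs if a == "DC"]
    if not dcs:
        return None
    # The question shows the DN root-first (DC=com, DC=xxx, CN=...);
    # RFC 4514 strings are leaf-first (CN=...,DC=xxx,DC=com). Normalise both.
    if pairs[0][0] == "DC":
        dcs.reverse()
    return ".".join(dcs)

def classify(issuer_dn):
    """Assumed heuristic: DC components and no O= means a private CA."""
    pairs = parse_dn(issuer_dn)
    org = next((v for a, v in pairs if a == "O"), None)
    domain = issuer_domain(pairs)
    if domain and org is None:
        return ("internal", domain)
    cn = next((v for a, v in pairs if a == "CN"), None)
    return ("public-style", org or cn)

def intercepted(observations):
    """Return {host: issuer domain} for hosts whose issuer looks internal."""
    verdicts = {host: classify(dn) for host, dn in observations.items()}
    return {h: name for h, (kind, name) in verdicts.items() if kind == "internal"}

# Constructed observations; only the first issuer string is from the question.
OBSERVED = {
    "social.example": "DC=com, DC=xxx, CN=XXXsubCA",
    "chat.example": "CN=XXXsubCA,DC=xxx,DC=com",
    "news.example": "C=US, O=Example Public CA\\, Inc., CN=Example TLS CA 1",
}

if __name__ == "__main__":
    for host, domain in intercepted(OBSERVED).items():
        print(f"{host}: issuer is a private CA under {domain}")
```

An interception CA whose name carries O= instead of DC= is not caught by this rule; comparing the issuer with the one seen for the same site from an outside network covers that case.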